Skip to main content

Microsoft O365 International Access

Request access to Microsoft O365 for a person who has been authorized to work remotely outside of the United States.
Request via ServiceNow 

Contacts

EOTSS End User and IT Service Support

Phone

EOTSS End User IT Service Desk Call EOTSS End User and IT Service Support, EOTSS End User IT Service Desk at (844) 435-7629

Support for Commonwealth end users and IT support personnel

Online

ServiceNow Log in to ServiceNow 
Chat with us live! Log in and click "Chat now" 
Send us an email Email EOTSS End User and IT Service Support at MassGov@service-now.com
Learn more about this organization 

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

The Details

Features

This request is for access to Microsoft O365 Internationally, and requires both Agency/Secretariat’s General Counsel or designee approval, and Agency/Secretariat’s CISO or designee approval.

This access is for a user who will work outside of the United States (American Samoa, Guam, Northern Mariana Islands, Puerto Rico, and the Virgin Islands require international access) on either a temporary, or semi-permanent basis. For users with a primary work location outside of the United States, (consultants, contractors, vendors, etc.) access must be reviewed on a regular basis.

Please request access at least 2 weeks prior. If requesting travel to a country on the deny-list - requires Enterprise EOTSS Chief Information Security Officer (CISO) approval.

How to request

Designated Security Officers (DSOs) ONLY - will request on behalf of Commonwealth employees and their authorized business partners, whether or not currently supported by EOTSS.

Request service via a ServiceNow request

Service Level Expectation (SLE)

Microsoft O365 International Access

SLEResponsibilities/Dependencies

Fulfillment:  Due to the variable nature of this request item, fulfillment time will differ on a case-to-case basis. SLE will be communicated following the finalization of customer requirements.

Please note: Access must be requested at least 2 weeks prior. If requesting travel to a country on the deny-list – this requires Enterprise EOTSS Chief Information Security Officer (CISO) approval.

Important Note: This request requires both Agency/Secretariat’s General Counsel or designee approval, and Agency/Secretariat’s CISO or designee approval.

Customer

  • Responsible for adhering to the EOTSS Standard Rules of Engagement.
  • Responsible for requesting access at least 2 weeks prior.
  • Responsible for submitting accurate information to EOTSS during the intake and discovery process.
  • Customer responsible for attaching Agency/Secretariat’s General Counsel or designee approval.
  • Customer responsible for attaching Agency/Secretariat’s CISO or designee approval.
  • Customer responsible for attaching requested user’s completed cybersecurity training awareness completion certificate.

EOTSS

  • Responsible for coordinating discovery meeting(s) with the customer.
  • Once all requirements are collected/finalized following intake and discovery, EOTSS will determine the appropriate SLE for the request and communicate to the customer.
  • Responsible for providing access to Microsoft O365 Internationally per the customer’s requirements.
  • Responsible for providing international access via mobile provider for agencies supported by MassVoice.

Policies

communication was sent to ITLs and DSOs on updates to the current catalog item. 

IS.003 Access Management Standard – Information Systems -6.3.3 No system or database containing non public information shall be directly accessible from an untrusted network  

IS.004 Asset Management Standard - 6.7 Endpoint Security -6.7.10 Ensure that Commonwealth-owned or managed devices do not leave the United States.

IS.006 Communication and Network Security Standard – 6.2 Remote Access Security Management -6.2.1 All external connections to the Commonwealth family of networks must be reviewed and approved by the Commonwealth CISO

DENY LIST (Updated July 8, 2025)

Country
Afghanistan
Bangladesh
Belarus
Burkina Faso
Burma (Myanmar)
Burundi
Central African Republic
Chad
Colombia
Democratic Republic of the Congo
Egypt
Ethiopia
Guatemala
Guinea-Bissau
Guyana
Haiti
Honduras
Iran
Iraq
Israel, the West Bank and Gaza
Lebanon
Libya
Macau
Mali
Mauritania
Mexico
New Caledonia
Nicaragua
Niger
Nigeria
North Korea (Democratic People's Republic of Korea)
Pakistan
Papua New Guinea
Russia
Somalia
South Sudan
Sudan
Syria
Trinidad and Tobago
Uganda
Ukraine
Venezuela
Yemen 

The list above was created by using a combination of sources from the federal government commerce ban, the CDC, and the US Department of State. 

Refer to the U.S. Department of State for a listing of current travel advisories: 
https://travel.state.gov/content/travel/en/traveladvisories/traveladvisories.html/  

Contact

Phone
EOTSS End User IT Service Desk Call EOTSS End User and IT Service Support, EOTSS End User IT Service Desk at (844) 435-7629

Support for Commonwealth end users and IT support personnel

Online
ServiceNow Log in to ServiceNow 
Chat with us live! Log in and click "Chat now" 
Send us an email Email EOTSS End User and IT Service Support at MassGov@service-now.com
Learn more about this organization 
Address
McCormack Building
1 Ashburton Place, 8th Floor, Boston, MA 02108
Directions 
Online
For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.
Feedback